conf: warn if not having read-only access to keys

After dropping root privileges, log a warning message if chronyd
doesn't have read access or has (unnecessary) write access to the
files containing symmetric and server NTS keys.
Miroslav Lichvar
2023-01-25 14:29:06 +01:00
parent 9cba9c8585
commit 883b0dde94
5 changed files with 35 additions and 1 deletions

11
util.c

@@ -1271,6 +1271,17 @@ UTI_CheckFilePermissions(const char *path, mode_t perm)
/* ================================================== */
void
UTI_CheckReadOnlyAccess(const char *path)
{
if (access(path, R_OK) != 0 && errno != ENOENT)
LOG(LOGS_WARN, "Missing read access to %s : %s", path, strerror(errno));
if (access(path, W_OK) == 0)
LOG(LOGS_WARN, "Having write access to %s", path);
}
/* ================================================== */
static int
join_path(const char *basedir, const char *name, const char *suffix,
char *buffer, size_t length, LOG_Severity severity)
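Review bot: `UTI_CheckReadOnlyAccess()` has no comment saying when its result is meaningful, and both `access()` calls depend on that. `access()` checks the real UID/GID, so in a process still running as root the `W_OK` test normally succeeds regardless of the file's mode bits, and the "Having write access" warning would be logged for every key file. The callers are outside this hunk, so it cannot be confirmed here whether they skip the check when chronyd is not switching to an unprivileged user. I would add above the function something like `/* Warn if the process (real UID/GID, as checked by access()) cannot read the file or is able to write to it; call only after dropping root privileges */`. The same comment should say that only the file itself is tested, not write access to its parent directory, so that a missing warning is not read as proof the key file cannot be replaced.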